extremely secure communication
play

Extremely Secure Communication Daniel Romo - daniel.romao@os3.nl - PowerPoint PPT Presentation

Sep 28, 2022 •273 likes •583 views

Extremely Secure Communication Daniel Romo - daniel.romao@os3.nl Oil Company Oil Company What (almost) everyone knows: NSA collects traffic Confidential data can be compromised Backdoors in encryption-related software and hardware make it

  1. Extremely Secure Communication Daniel Romão - daniel.romao@os3.nl

  4. Oil Company

  5. Oil Company

  6. What (almost) everyone knows: NSA collects traffic Confidential data can be compromised Backdoors in encryption-related software and hardware make it easier

  7. Research Question How can an extremely secure communication on the Internet be deployed for work teams and individuals around the globe?

  8. What can we do? 1 - Avoid possible backdoors on RNGs ➢ Use a verifiable HRNG to improve the kernel entropy pool 2 - Avoid having all data going over a single link

  9. What can we do? 1 - Avoid possible backdoors on RNGs ➢ Use a verifiable HRNG to improve the kernel entropy pool 2 - Avoid having all data going over a single link

  10. What can we do? 1 - Avoid possible backdoors on RNGs ➢ Use a verifiable HRNG to improve the kernel entropy pool 2 - Avoid having all data going over a single link ➢ Use a multipoint VPN!

  11. Hardware Random Number Generator ● Multiple devices exist, mostly closed source ○ Big price differences ● Ongoing discussion on noise sources ○ PN junctions, RF noise, clock drift, thermal noise...

  12. What if we implement a HRNG that is verifiable and has multiple noise sources?

  13. HRNG - Related Work ● Rob Seward implemented a basic HRNG on Arduino using a single PN junction ○ Calibration on startup ○ XOR and Von Neumann filtering ○ Serial interface for output

  14. http://holdenc.altervista.org/avalanche/images/noise.png http://robseward.com/misc/RNG2/RNG_Version_2_images/rng2_circuit_small.png

  15. HRNG Implemented ● Extension of the previous work ○ Multiple noise sources ○ Continuous calibration ○ Second serial interface for logging ○ Raw byte output mode for rng-tools

  19. HRNG Testing ● Ent ○ Entropy, Optimum compression, Chi square, Arithmetic mean, Monte Carlo Pi, Serial correlation ● RNGtest ○ FIPS-140-2 test ○ To test cryptographic modules for use by the United States federal government

  21. Ent results Sample size: 2504 bytes

  22. Ent results Sample size: 512Kb

  23. RNGtest results Sample size: 512Kb

  24. Multipoint VPN ● DMVPN ○ Cisco technology ○ Open source implementation exists: OpenNHRP ○ IPSec ○ Hub (server), Spokes (clients)

  25. Operating System ● Tails Linux ○ Open source operating system ○ Aimed at privacy and anonymity on the Internet ○ Only traffic over Tor and I2P networks can go ○ Always boots from a clean install state

  27. How to deploy the DMVPN spoke software on Tails?

  28. Conclusion ● HRNG and a Tails DMVPN spoke integrate well with each other ● Jitter-based noise generator has very low throughput ● Dual oscillator without filtering was overall the setting with best performance

  29. Future Work ● More experiments with the HRNG ○ Other noise sources and filtering ○ Faster microcontroller ● Optimization of the configuration

  30. Thank you! Go get it: https://github.com/dromao/arduino-rng https://github.com/dromao/dmvpn-spoke Pictures without source are under the CC0 Public Domain license

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Extremely Sensitive Communication Secure, Secret, and Private e-mail Loek Sangers UvA KPMG

Extremely Sensitive Communication Secure, Secret, and Private e-mail Loek Sangers UvA KPMG

Introduction Requirements Available Systems Solutions Proposed System Conclusion Summary Summary Extremely Sensitive Communication Secure, Secret, and Private e-mail Loek Sangers UvA KPMG June 30, 2016 Loek Sangers UvA KPMG Research

636 views • 18 slides
Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE

1.07k views • 72 slides
Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message Transmission Schemes Yvo Desmedt 1 , 2 Stelios Erotokritou 1 Reihaneh Safavi-Naini 3 1 Department of Computer Science University College London, UK 2

459 views • 33 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical Engineer/Embedded developer Teaching for a while Overview Signal is one example of a third-party app for secure texting. Well go over what it does

819 views • 32 slides
TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication Confidentiality by applying block & stream ciphers - Integrity with MACs - Authenticity with certificates - Predecessor: SSL (secure

557 views • 13 slides
Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.) Samuel Ranellucci (Unbound Tech) Xiao Wang (MIT & Boston U.) Secure Computation 4 parties each hold private data. They wish to compute C(x 1

414 views • 24 slides
Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design & Implementation of VPKI (Providing Credential Management in a Secure VANET) Supervisor: MSc Thesis: Prof. Panos Papadimitratos Mohammad Khodaei LCN KTH October, 2012 1 / 38 Outline

519 views • 48 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

U U U U U U U- U - - communication - - - - - communication communication communication communication communication communication communication Korea Mobile Market Trend for Convergence & Ubiquitous Communication 2004.

400 views • 16 slides
Extremely Long-span Non Extremely Long span Non-repeatered repeatered Submarine Cable Systems

Extremely Long-span Non Extremely Long span Non-repeatered repeatered Submarine Cable Systems

conference & convention enabling the next generation of networks & services Oral Session THU 3A Equipment & Component Technologies: Optical Communications Extremely Long-span Non Extremely Long span Non-repeatered repeatered

214 views • 17 slides
Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E

Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E

Optimal Channel Security Against Fine-Grained State Compromise: The Safety of Messaging Joseph Jaeger Igors Stepanovs Alice and Bob want E2E secure communication But what about E2E Tools? Plenty of Theory Symmetric encryption Asymmetric

475 views • 18 slides
A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison Presented By: Anil Bazaz CS6204, Spring 2005 Intro: Group Communication Uses IP multicast to transmit data Does not limit access to data No

543 views • 19 slides
Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Secure Communication Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Symmetric cryptography Both parties

860 views • 60 slides
Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE

Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE

Secure Communication by Ratcheting F Bet ul Durak and Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE SV 2018 ratchet ASK 2018 1 / 43 Secure Communication 1 Ratcheting 2 Our Results 3 SV 2018 ratchet ASK 2018 2 / 43

926 views • 43 slides
Multi Party secure communication C D A B E F N parties want to communicate securely with

Multi Party secure communication C D A B E F N parties want to communicate securely with

1 Key Establishment Chester Rebeiro IIT Madras 2 Multi Party secure communication C D A B E F N parties want to communicate securely with each other (N=6 in this figure) If U sends a message to V (U V and U,V {a,b,c,d,e,f})

721 views • 55 slides
Simulation of the IEEE 1588 Precision Time Protocol in OMNeT++ Wolfgang Wallner

Simulation of the IEEE 1588 Precision Time Protocol in OMNeT++ Wolfgang Wallner

Simulation of the IEEE 1588 Precision Time Protocol in OMNeT++ Wolfgang Wallner wolfgang-wallner@gmx.at September 15, 2016 Presentation Outline Introduction Motivation Problem statement Presentation Outline Introduction Motivation

1.54k views • 128 slides
NTP for .nz Josh Simpson Registrar Conference 2014, Auckland What is NTP? Network Time

NTP for .nz Josh Simpson Registrar Conference 2014, Auckland What is NTP? Network Time

NTP for .nz Josh Simpson Registrar Conference 2014, Auckland What is NTP? Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In

163 views • 13 slides
Exposing Design Flaws in Shared-Clock Systems using TLA+ Russell Mull, Auxon Corporation TLA+

Exposing Design Flaws in Shared-Clock Systems using TLA+ Russell Mull, Auxon Corporation TLA+

Exposing Design Flaws in Shared-Clock Systems using TLA+ Russell Mull, Auxon Corporation TLA+ Conf September 12, 2019 About Me Russell Mull Software Engineer, Auxon Corporation How safe electronic systems are designed How safe electronic

823 views • 58 slides
Experiment on Cristians and Berkeley Time Synchronization Algorithms - Rahul Sehgal 1

Experiment on Cristians and Berkeley Time Synchronization Algorithms - Rahul Sehgal 1

Experiment on Cristians and Berkeley Time Synchronization Algorithms - Rahul Sehgal 1 12/6/2007 Introduction: Centralized Algorithm: 1) Cristians algorithm. ( timeserver ) 2) Berkeley algorithm. ( coordinator ) 2 12/6/2007 Concept of

571 views • 19 slides
A Dual-loop Injection-locked PLL with All-digital Background Calibration System for On-chip Clock

A Dual-loop Injection-locked PLL with All-digital Background Calibration System for On-chip Clock

A Dual-loop Injection-locked PLL with All-digital Background Calibration System for On-chip Clock Generation Wei Deng, Ahmed Musa, Teerachot Siriburanon, Masaya Miyahara, Kenichi Okada, and Akira Matsuzawa Tokyo Institute of Technology, Japan

591 views • 6 slides
Clock Skew Based Client Device Identification in Cloud Environments Wei-Chung Teng Dept. of

Clock Skew Based Client Device Identification in Cloud Environments Wei-Chung Teng Dept. of

Clock Skew Based Client Device Identification in Cloud Environments Wei-Chung Teng Dept. of Computer Science & Info. Eng. National Taiwan University of Sci. & Tech. 1 Wei-Chung Teng on behalf of Assoc. Prof. Yuh-Jye Lee CLOUD SERVICE

364 views • 32 slides
Air Force Institute of Technology Wright-Patterson AFB, Ohio Overall Classification:

Air Force Institute of Technology Wright-Patterson AFB, Ohio Overall Classification:

Jason Crosby, Capt, USAF Air Force Institute of Technology Wright-Patterson AFB, Ohio Overall Classification: UNCLASSIFIED Motivation Goals Assumptions INS Model TDOA Model OFDM Signal Structure Receiver Model

486 views • 21 slides
Bigtable, Spanner and Flat Datacenter Storage by Onur Karaman and Karan Parikh Introducing

Bigtable, Spanner and Flat Datacenter Storage by Onur Karaman and Karan Parikh Introducing

Bigtable, Spanner and Flat Datacenter Storage by Onur Karaman and Karan Parikh Introducing Bigtable Why Bigtable? Store lots of data Scalable Simple yet powerful data model Flexible workloads: high throughput batch jobs to

666 views • 47 slides

More recommend